CVE-2024-28807 is a security vulnerability identified in the Infinera hiT 7300 version 5.60.50, specifically within the @CT desktop management application. The core issue is the cleartext storage of sensitive information, including various users' passwords, in the application's memory. This flaw falls under CWE-312, which concerns the improper protection of sensitive information. An attacker with guest OS administrator privileges can access memory dumps of the desktop application and extract these passwords, compromising user credentials. The vulnerability requires local access with high privileges (PR:H) and some user interaction (UI:R), limiting the attack vector to insiders or attackers who have already gained elevated local access. The CVSS v3.1 score is 6.5, reflecting a medium severity with high impact on confidentiality, integrity, and availability. The vulnerability could lead to unauthorized access to network devices managed by the Infinera hiT 7300 system, potentially allowing attackers to manipulate or disrupt network operations. No patches or exploits are currently reported, indicating that the vulnerability is newly disclosed and not yet actively exploited. The lack of patch availability necessitates immediate compensating controls to reduce risk.

The vulnerability poses a significant risk to organizations using the Infinera hiT 7300 platform, particularly those in telecommunications and network infrastructure sectors. By extracting user passwords from memory, attackers with guest OS admin rights can escalate privileges or impersonate legitimate users, leading to unauthorized access to critical network management functions. This can result in data breaches, network outages, or manipulation of network traffic, impacting service availability and integrity. The compromise of user credentials may also facilitate lateral movement within the network, increasing the attack surface. Given the high confidentiality and integrity impact, organizations could face operational disruptions and reputational damage. The requirement for local high privileges and user interaction limits remote exploitation but does not eliminate insider threats or risks from compromised local accounts.

Since no patches are currently available, organizations should implement strict access controls to limit guest OS administrator privileges on systems running the Infinera hiT 7300 management application. Employing the principle of least privilege and monitoring for unusual memory access or dumping activities can help detect exploitation attempts. Use memory protection mechanisms such as encryption or secure enclaves if supported by the OS or application environment. Regularly audit and restrict physical and remote access to management consoles. Consider isolating the management application environment from less trusted networks and users. When patches become available, prioritize timely application. Additionally, educate administrators about the risks of memory dumping and enforce strong authentication and session management to reduce the risk of credential compromise.